Defense Federal Acquisition Regulation Supplement (DFARS)

DFARS is a guideline for federal agencies to ensure that sensitive federal information remains confidential when stored in nonfederal information systems and organizations. It is required for all DoD contractors that process, store or transmit Controlled Unclassified Information (CUI).

DFARS requirements

The requirements for DFARS compliance are based on NIST SP 800-171. There are 110 controls within this guideline, including mandates for SIEM, multi-factor authentication, cybersecurity training, encryption (at rest and in-transit), and written security policies and protocol. Though compliance can pose an initial challenge for businesses, it is required for all DoD contractors as of December 2017. If your business has existing government projects, or is looking to bid on future DoD contracts, now is the time to focus on DFARS compliance.

Bluestone made DFARS compliance simple- we were able to achieve compliance quickly and maintain our contracts.

— CIO, mid-sized manufacturing company

simplifying DFARS compliance

Bluestone Analytics has the tools and technical expertise to help you understand DFARS and what compliance means for your company. We work closely with executives and IT leaders to:

Conduct a comprehensive vulnerability assessment

Analyze security gaps against the DFARS standard

Develop a comprehensive roadmap to DFARS compliance

Implement a risk-management framework

Create realistic compliance milestones

Schedule a consultation

Interested in learning more about how Bluestone Analytics can help your business with DFARS compliance? Get connected with a compliance consultant today!